Replace string kind with boolean preservesValue

2026-04-30 19:26:02 +02:00 · 2021-09-22 09:28:55 +02:00
parent cdc359527a
commit a37737d065
3 changed files with 13 additions and 12 deletions
--- a/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
+++ b/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
@@ -96,7 +96,7 @@ abstract class SummarizedCallable extends LibraryCallable {
   * but uses an external (string) representation of the input and output stacks.
   */
  pragma[nomagic]
-  predicate propagatesFlowExt(string input, string output, string kind) { none() }
+  predicate propagatesFlowExt(string input, string output, boolean preservesValue) { none() }

  /**
   * Holds if values stored inside `content` are cleared on objects passed as
--- a/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
+++ b/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll
@@ -45,9 +45,10 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { any() }
 * `input`, output specification `output`, and kind `kind`.
 */
 predicate summaryElement(DataFlowCallable c, string input, string output, string kind) {
-  exists(FlowSummary::SummarizedCallable sc |
-    sc.propagatesFlowExt(input, output, kind) and
-    c.asLibraryCallable() = sc
+  exists(FlowSummary::SummarizedCallable sc, boolean preservesValue |
+    sc.propagatesFlowExt(input, output, preservesValue) and
+    c.asLibraryCallable() = sc and
+    if preservesValue = true then kind = "value" else kind = "taint"
  )
 }